GDPR

GDPR came into force from 25th May 2018. This will affect how churches and many other organisations manage personal data and how this is protected and shared. The EU's General Data Protection Regulation (GDPR) is the result of four years of work by the EU to bring data protection legislation into line with new, previously unforeseen ways that data is now used.

Currently, the UK relies on the Data Protection Act 1998, which was enacted following the 1995 EU Data Protection Directive, but this will be superseded by the new legislation. It introduces tougher fines for noncompliance and breaches, and gives people more say over what companies can do with their data. It also makes data protection rules more or less identical throughout the EU.